feat: devcontainer, testing infrastructure, docs, DX improvements, and security policy

[akhilyad]

Summary

Developer experience, testing, documentation, and security improvements.

DevContainer & Docker

• .devcontainer/Dockerfile.dev + devcontainer.json: one-click VS Code dev environment
• docker-compose.dev.yml: full local dev stack with hot reload

Security

• SECURITY.md: responsible disclosure policy and contact info

Testing Infrastructure

• tests/conftest.py: shared pytest fixtures (tmp dirs, mock agent, mock config)
• tests/fixtures/.gitkeep: fixture directory scaffold
• frontend/vitest.config.ts + tsconfig.test.json: Vitest test setup
• frontend/src/App.test.tsx: frontend smoke test
• frontend/src/test/setup.ts: jsdom + @testing-library config
• frontend/package.json: adds vitest and @testing-library dev deps

Documentation

• docs/tutorials/custom-scorer.md: 200-line tutorial on building custom eval scorers
• docs/tutorials/index.md: tutorials landing page

Code Quality & DX

• src/openjarvis/exceptions.py: structured exception hierarchy (400+ lines)
• src/openjarvis/__lazy__.py: lazy module import utilities for faster startup
• src/openjarvis/__init__.py: wires lazy imports and new submodules
• src/openjarvis/cli/debug_cmd.py: jarvis dev debug command
• src/openjarvis/server/routes.py: realtime metrics endpoint for dashboard
• frontend/src/components/Chat/InputArea.tsx: accessibility improvements
• .gitignore: comprehensive entries for Python/Node/Rust/editor artifacts

Test plan

• uv run pytest tests/ -v --tb=short -m "not live and not cloud" passes with new fixtures
• cd frontend && npm test runs Vitest suite
• Dev container opens cleanly in VS Code (Remote - Containers)
• jarvis dev debug command works
• uv run ruff check src/ tests/ passes

Generated with Claude Code

[akhilyad]

let me know, thanks

[akhilyad]

Hi maintainers! 👋

Could someone please approve the workflow runs so CI can execute on this PR? GitHub is holding them pending approval since this is from an external fork.

The workflows waiting for approval are:

• CI — ruff + pytest
• Frontend CI — vitest
• Desktop Build & Release — tauri build
• Deploy Documentation — mkdocs build
• Claude PR Review — (note: this one will need ANTHROPIC_API_KEY set in repo secrets to work)

Thanks for taking the time to review!

[robbym-dev]

Hey @akhilyad, same feedback as #198. This PR covers devcontainer setup, testing infrastructure, docs, DX improvements, and a security policy all in one. Could you split it into focused PRs? For example:

1. DevContainer setup
2. Testing infrastructure (pytest fixtures, Vitest)
3. Documentation (tutorial, security policy)
4. Code quality (exception hierarchy, lazy imports, debug command)

Smaller PRs are much easier to review and merge quickly. Thanks!